- “압박을 기회로” 비즈니스 가치의 기대감에 짓눌리는 CIO를 위한 조언
- IT e OT sempre più vicine: le opportunità, i consigli e le raccomandazioni
- 中 수곤-하이곤 합병··· 분석가 “글로벌 HPC 생태계 재편 가능성”
- The best Chromebooks for students in 2025: Expert tested and reviewed
- The top-selling smartphone in 2025 so far might surprise you - here's why
Cybercriminals target SAP vulnerabilities
Cybercriminals are getting better at attacking critical business applications, according to a recent report by Onapsis. The report found a rise in threat actors targeting SAP vulnerabilities.
According to the report, 2023 was an important year for the SAP application threat landscape. The report found a 400% increase in ransomware incidents that involved compromising SAP systems and data at victim’s organizations.
The report found that conversations on SAP vulnerabilities and exploits have increased 490% across Open Deep and Dark Web from 2021 to 2023, including:
- Details on how to exploit SAP vulnerabilities
- Guidance for executing certain SAP exploits against victims
- Actors discussing SAP compromises
According to the report, active discussions in cybercriminal forums about SAP-specific Cloud and Web services have increased 220% from 2021 to 2023
The SAP threat landscape is seeing well-established, highly sophisticated threat actors and state-sponsored groups that are more aggressively targeting SAP applications for financial gain, espionage and sabotage, the report finds. Unpatched SAP vulnerabilities are being exploited and used in ransomware campaigns, according to the report.
Recent evolution of ransomware and malware capabilities has occurred to enhance awareness of SAP processes and services, which demonstrates a renewed focus on successful ransomware execution and data extraction across SAP technology.
